Hello David,

I figured that out,

I am adding the ip address in the /etc/hosts file for reverse dns.. this is
coz, am not using the freeipa as a dns.

So, while restoring it still had the earlier entry.

I just corrected it and things worked fine...


On Tue, Apr 12, 2016 at 4:45 PM, David Kupka <dku...@redhat.com> wrote:

> On 12/04/16 11:26, Rakesh Rajasekharan wrote:
>> Hi ,
>> I am running ipa-server verison 4.2 on AWS,and testing the freeipa backup
>> and
>> restore .
>> The restoration works fine if its on the same host, wherin i uninstall
>> freeipa
>> and then install it back and then do a full restore.
>> However, if its a new machine with a different ip, the restoration fails.
>> I am running the restoration from an ansible playbook.. heres the output,
>> that I get
>> Preparing restore from /tmp/ipa/ipa-full-2016-04-12 on
>> test-ipa-master-int.xyz.com <http://test-ipa-master-int.xyz.com>
>> Performing FULL restore from FULL backup
>> Each master will individually need to be re-initialized or
>> re-created from this one. The replication agreements on
>> masters running IPA 3.1 or earlier will need to be manually
>> re-enabled. See the man page for details.
>> Disabling all replication.
>> Stopping IPA services
>> Systemwide CA database updated.
>> Restoring files
>> Systemwide CA database updated.
>> Restoring from userRoot in xyz-COM
>> Restoring from ipaca in xyz-COM
>> Starting IPA services
>> Command ''ipactl' 'start'' returned non-zero exit status 1
>> stdout: Configuring certmonger to stop tracking system certificates for CA
>> Is there a limitation that the ip needs to be the same for a restore to
>> happen
>> or am I missing something.
>> Thanks,
>> Rakesh
> Hello Rakesh,
> it's not possible to determine what happened from information that you
> have sent. Could you please find the service that failed to start and send
> its logs?
> I believe that all services in FreeIPA depends on host names and resolve
> IP address from DNS when needed.
> But if DNS server is part of FreeIPA server you're trying to restore it is
> holding old records with old IP addresses. Maybe this is the cause but it's
> just wild guess.
> --
> David Kupka
Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project

Reply via email to